4.3
CVE-2022-21170
- EPSS 0.41%
- Veröffentlicht 10.03.2022 17:45:10
- Zuletzt bearbeitet 21.11.2024 06:44:01
- Quelle vultures@jpcert.or.jp
- CVE-Watchlists
- Unerledigt
LoginImproper check for certificate revocation in i-FILTER Ver.10.45R01 and earlier, i-FILTER Ver.9.50R10 and earlier, i-FILTER Browser & Cloud MultiAgent for Windows Ver.4.93R04 and earlier, and D-SPA (Ver.3 / Ver.4) using i-FILTER allows a remote unauthenticated attacker to conduct a man-in-the-middle attack and eavesdrop on an encrypted communication.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Daj ≫ I-filter Browser & Cloud Multiagent SwPlatformwindows Version <= 4.93r04
Daj ≫ I-filter Version <= 9.50r10
Daj ≫ Dspa-15000 M5 Version3
Daj ≫ Dspa-15000 M5 Version4
Daj ≫ Dspa-2000 M4 Version4
Daj ≫ Dspa-4000 M4 Version4
Daj ≫ Dspa-7000 M5 Version3
Daj ≫ Dspa-7000 M5 Version4
Daj ≫ Dspa-15000 M5 Version4
Daj ≫ Dspa-2000 M4 Version4
Daj ≫ Dspa-4000 M4 Version4
Daj ≫ Dspa-7000 M5 Version3
Daj ≫ Dspa-7000 M5 Version4
Daj ≫ I-filter Version >= 10.0 <= 10.45r01
Daj ≫ Dspa-15000 M5 Version3
Daj ≫ Dspa-15000 M5 Version4
Daj ≫ Dspa-2000 M4 Version4
Daj ≫ Dspa-4000 M4 Version4
Daj ≫ Dspa-7000 M5 Version3
Daj ≫ Dspa-7000 M5 Version4
Daj ≫ Dspa-15000 M5 Version4
Daj ≫ Dspa-2000 M4 Version4
Daj ≫ Dspa-4000 M4 Version4
Daj ≫ Dspa-7000 M5 Version3
Daj ≫ Dspa-7000 M5 Version4
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.41% | 0.607 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 3.7 | 2.2 | 1.4 |
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
|
| nvd@nist.gov | 4.3 | 8.6 | 2.9 |
AV:N/AC:M/Au:N/C:P/I:N/A:N
|
CWE-295 Improper Certificate Validation
The product does not validate, or incorrectly validates, a certificate.